Managing the privacy risks of virtual health care

As the COVID-19 pandemic enters its second year, health care institutions are increasingly providing patients and clients with various forms of virtual health care. “Virtual health care” refers to the use of video or audio technology communications to provide non-urgent, non-emergency health care services remotely in real time. Virtual health care services may include medical consults, counselling, coaching, psycho-education, intervention services, and other direct services.

As the Information & Privacy Commissioner of Ontario has observed in its new guideline on the issue, Privacy and security considerations for virtual health care visits (IPC Virtual Care Guideline), the shift to virtual health care has brought with it new privacy and security risks. Many of these risks were difficult to assess adequately in the early stages of the pandemic because health care institutions and providers (together, “institutions”) were working to roll out virtual health care rapidly in the interests of patient welfare. However, now that the initial transition to virtual health care has been made, it may be an opportune time for institutions to revisit these issues.

In a recent article authored by Ira Parghi and Tanvi Medhekar, they identify some of the privacy and security risks associated with virtual health care and offer general guidance on how they may be managed. In the course of the discussion, they highlight some of the key privacy and security recommendations contained in the IPC Virtual Care Guideline. Although their article focuses largely on virtual health care and health care institutions, many of these recommendations would also apply to social service providers who have made a similar shift towards virtual service provision.

Read the article on this topic.

This content has been updated on May 2, 2024 at 13 h 32 min.